Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,170
- Points
- 113
Insurance companies will not be able to cover even a fifth of the damage caused.
Parametrix, one of the leading providers of cloud-based monitoring, modeling, and insurance services, estimated 5.4 billion in direct financial damage to U.S. Fortune 500 companies (excluding Microsoft) affected by the recent CrowdStrike glitch.
According to Parametrix experts, insurance payments will cover no more than 10-20% of this damage due to the high risk retention by many companies and low policy limits compared to potential losses from operational failures.
The average loss per Fortune 500 company was $44 million, but it ranges from $6 million for manufacturers to $143 million for airlines.
Health care companies ($1.938 billion) and the banking sector ($1.149 billion) will suffer the most direct financial losses. These two sectors account for 57% of the total damage, although they account for only 20% of Fortune 500 revenue, due to the uneven impact of the event on different industries.
The manufacturing sector, the largest by revenue, suffered a relatively minor loss of $36 million, with annual revenue of $3.4 trillion. Airlines, of which there are six, lost about $860 million on revenue of $187.1 billion.
The crash affected a quarter of Fortune 500 companies (125 corporations), including all air carriers and 43% of retailers and wholesalers. About 75% of companies in the healthcare and banking sectors suffered direct losses. In addition to the initial financial losses, the CrowdStrike crash also caused a string of operational delays that affected Fortune 500 companies and their partners.
The analysis made the following conclusions:
Parametrix's deep understanding of the financial impact of the CrowdStrike outage is based on more than 54 billion years of historical cloud service performance data, extensive experience in system failures and business interruption losses, and direct real-time service status monitoring for 6,000 leading technology companies, including a significant portion of the Fortune 500.
The co-founder and CEO of Parametrix, Jonathan Hatzor, said that this event was the largest event in the history of cyber insurance, the consequences of which companies will reap for a very long time. "This event happened extremely quickly and was incredibly global," said Hatzor.
Hatsor also gave a number of practical advice to companies involved in the insurance industry: "Prevention is important, but insurance companies have limited control over the occurrence of events and the practices of service providers. The insurance industry should focus on controlled aspects, such as mapping and managing aggregated risk."
"By understanding these points, you can assess key vulnerabilities and mitigate both malicious and non-malicious threats. This proactive approach makes it possible to make more informed insurance decisions and effectively manage systemic risks," concluded Hatsor.
Source
Parametrix, one of the leading providers of cloud-based monitoring, modeling, and insurance services, estimated 5.4 billion in direct financial damage to U.S. Fortune 500 companies (excluding Microsoft) affected by the recent CrowdStrike glitch.
According to Parametrix experts, insurance payments will cover no more than 10-20% of this damage due to the high risk retention by many companies and low policy limits compared to potential losses from operational failures.
The average loss per Fortune 500 company was $44 million, but it ranges from $6 million for manufacturers to $143 million for airlines.
Health care companies ($1.938 billion) and the banking sector ($1.149 billion) will suffer the most direct financial losses. These two sectors account for 57% of the total damage, although they account for only 20% of Fortune 500 revenue, due to the uneven impact of the event on different industries.
The manufacturing sector, the largest by revenue, suffered a relatively minor loss of $36 million, with annual revenue of $3.4 trillion. Airlines, of which there are six, lost about $860 million on revenue of $187.1 billion.
The crash affected a quarter of Fortune 500 companies (125 corporations), including all air carriers and 43% of retailers and wholesalers. About 75% of companies in the healthcare and banking sectors suffered direct losses. In addition to the initial financial losses, the CrowdStrike crash also caused a string of operational delays that affected Fortune 500 companies and their partners.
The analysis made the following conclusions:
- Traditional industries that use physical computers have taken longer to recover, highlighting the greater resilience and faster recovery of cloud systems.
- Insurers can manage systemic risk through strategic diversification across industries, service providers, and company sizes.
- The impact of the CrowdStrike crash was unique due to its use on both physical servers and the cloud. Insurers should not rely solely on this case when modeling potential failures of cloud systems in the future.
Parametrix's deep understanding of the financial impact of the CrowdStrike outage is based on more than 54 billion years of historical cloud service performance data, extensive experience in system failures and business interruption losses, and direct real-time service status monitoring for 6,000 leading technology companies, including a significant portion of the Fortune 500.
The co-founder and CEO of Parametrix, Jonathan Hatzor, said that this event was the largest event in the history of cyber insurance, the consequences of which companies will reap for a very long time. "This event happened extremely quickly and was incredibly global," said Hatzor.
Hatsor also gave a number of practical advice to companies involved in the insurance industry: "Prevention is important, but insurance companies have limited control over the occurrence of events and the practices of service providers. The insurance industry should focus on controlled aspects, such as mapping and managing aggregated risk."
"By understanding these points, you can assess key vulnerabilities and mitigate both malicious and non-malicious threats. This proactive approach makes it possible to make more informed insurance decisions and effectively manage systemic risks," concluded Hatsor.
Source
